diff options
| author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2023-11-14 18:01:11 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-11-14 18:01:11 +0000 |
| commit | 6cc772a6fa213f2624f490735f4cf49426bcc0e0 (patch) | |
| tree | 398d8785581708be3eb823fcffdc18b0f8726e65 /nixos | |
| parent | 0523b2e6c2ea7730352fa32e8a921ec331569571 (diff) | |
| parent | cd014bdb858891bc7a3f0c1267ef8ad4fd11f19c (diff) | |
| download | nixpkgs-6cc772a6fa213f2624f490735f4cf49426bcc0e0.tar nixpkgs-6cc772a6fa213f2624f490735f4cf49426bcc0e0.tar.gz nixpkgs-6cc772a6fa213f2624f490735f4cf49426bcc0e0.tar.bz2 nixpkgs-6cc772a6fa213f2624f490735f4cf49426bcc0e0.tar.lz nixpkgs-6cc772a6fa213f2624f490735f4cf49426bcc0e0.tar.xz nixpkgs-6cc772a6fa213f2624f490735f4cf49426bcc0e0.tar.zst nixpkgs-6cc772a6fa213f2624f490735f4cf49426bcc0e0.zip | |
Merge master into staging-next
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/security/sudo.nix | 10 | ||||
| -rw-r--r-- | nixos/tests/pleroma.nix | 21 |
2 files changed, 24 insertions, 7 deletions
diff --git a/nixos/modules/security/sudo.nix b/nixos/modules/security/sudo.nix index ff912dec507..3dd5d2e525d 100644 --- a/nixos/modules/security/sudo.nix +++ b/nixos/modules/security/sudo.nix @@ -192,10 +192,12 @@ in ###### implementation config = mkIf cfg.enable { - assertions = [ - { assertion = cfg.package.pname != "sudo-rs"; - message = "The NixOS `sudo` module does not work with `sudo-rs` yet."; } - ]; + assertions = [ { + assertion = cfg.package.pname != "sudo-rs"; + message = '' + NixOS' `sudo` module does not support `sudo-rs`; see `security.sudo-rs` instead. + ''; + } ]; security.sudo.extraRules = let diff --git a/nixos/tests/pleroma.nix b/nixos/tests/pleroma.nix index 4f1aef85414..c80f48e52ed 100644 --- a/nixos/tests/pleroma.nix +++ b/nixos/tests/pleroma.nix @@ -25,6 +25,18 @@ import ./make-test-python.nix ({ pkgs, ... }: let + # Fix for https://github.com/ihabunek/toot/pull/405. Includes + # https://github.com/ihabunek/toot/pull/405. TOREMOVE when + # toot > 0.38.1 + patched-toot = pkgs.toot.overrideAttrs (old: { + version = "unstable-24-09-2023"; + src = pkgs.fetchFromGitHub { + owner = "ihabunek"; + repo = "toot"; + rev = "30857f570d64a26da80d0024227a8259f7cb65b5"; + sha256 = "sha256-BxrI7UY9bfqPzS+VLqCFSmu4PkIkvhntcEeNJb1AzOs="; + }; + }); send-toot = pkgs.writeScriptBin "send-toot" '' set -eux # toot is using the requests library internally. This library @@ -164,9 +176,12 @@ import ./make-test-python.nix ({ pkgs, ... }: ''; tls-cert = pkgs.runCommand "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } '' - openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=pleroma.nixos.test' -days 36500 mkdir -p $out - cp key.pem cert.pem $out + openssl req -x509 \ + -subj '/CN=pleroma.nixos.test/' -days 49710 \ + -addext 'subjectAltName = DNS:pleroma.nixos.test' \ + -keyout "$out/key.pem" -newkey ed25519 \ + -out "$out/cert.pem" -noenc ''; hosts = nodes: '' @@ -180,7 +195,7 @@ import ./make-test-python.nix ({ pkgs, ... }: security.pki.certificateFiles = [ "${tls-cert}/cert.pem" ]; networking.extraHosts = hosts nodes; environment.systemPackages = with pkgs; [ - toot + patched-toot send-toot ]; }; |